mirror of
https://github.com/linuxkit/linuxkit.git
synced 2025-10-11 04:33:46 +00:00
821cb0b829
This is the new Lernel Page Table Isolation (KPTI, formerly KAISER) introduced with 4.14.11 (and in 4.15.rcX). KPTI runs the kernel and userspace off separate pagetables (and uses PCID on more recent processors to minimise the TLB flush penalty). It comes with a performance hit but is enabled by default as a workaround around some serious, not yet disclosed, bug in Intel processors. When enabled in the kernel config, KPTI will be be dynamically enabled at boot time deping on the CPU it is executing (currently all Intel x86 CPUs). Depending on the environment, you may choose to disable it using 'pti=off' on the kernel commandline. Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
See ../docs/kernels.md for more information on kernel builds.
To build with various debug options enabled, build the kernel with
make DEBUG=1. The options enabled are listed in kernel_config.debug.
This allocates a significant amount of memory on boot and you may need to
adjust the kernel config on some systems. Specifically:
--- a/alpine/kernel/kernel_config
+++ b/alpine/kernel/kernel_config
@@ -415,8 +415,8 @@ CONFIG_DMI=y
# CONFIG_CALGARY_IOMMU is not set
CONFIG_SWIOTLB=y
CONFIG_IOMMU_HELPER=y
-CONFIG_MAXSMP=y
-CONFIG_NR_CPUS=8192
+CONFIG_MAXSMP=n
+CONFIG_NR_CPUS=8
# CONFIG_SCHED_SMT is not set
CONFIG_SCHED_MC=y
# CONFIG_PREEMPT_NONE is not set